mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-12 22:26:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: use nanoid instead of shortid

Browse source 
shortid is deprecated and they recommend nanoid instead.
We're not sure if this has to do with possible name
collisions or enumerability, but to be sure and on the
safe side, we're changing this. nanoid seems quite safe
since it uses node's crypto module underneath.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
This commit is contained in:
Erik Michelson 2025-05-05 18:13:58 +02:00
parent 5fdc09512a
commit 833c6d66c5
No known key found for this signature in database
GPG key ID: DB99ADDDC5C0AF82
7 changed files with 16 additions and 21 deletions
Download patch file Download diff file Expand all files Collapse all files

4
lib/web/note/actions.js
View file

@ -2,7 +2,7 @@ const models = require('../../models')
const logger = require('../../logger')
const config = require('../../config')
const errors = require('../../errors')
const shortId = require('shortid')
const nanoid = require('nanoid')
const moment = require('moment')
const querystring = require('querystring')
@ -36,7 +36,7 @@ exports.createGist = function createGist (req, res, note) {
client_id: config.github.clientID,
redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist',
scope: 'gist',
state: shortId.generate()
state: nanoid.nanoid()
}
const query = querystring.stringify(data)
res.redirect('https://github.com/login/oauth/authorize?' + query)